Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203888.roa
File: AS203888.roa (raw, json)
Hash identifier: 7vESJV9f/JVxr/wiqxvVETcsQk6lSFjZ0ki0lTtYLx0=
Subject key identifier: 90:DB:60:C3:69:76:61:F9:4E:2D:A1:2E:D7:1A:CF:F5:42:07:05:2A
Certificate issuer: /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial: 41F7CB6D630604CA2C89D7CC663B6C83320BAAE6
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203888.roa
Signing time: Mon 05 Feb 2024 07:44:24 +0000
ROA not before: Mon 05 Feb 2024 07:39:24 +0000
ROA not after: Mon 03 Feb 2025 07:44:24 +0000
asID: 203888
IP address blocks: 2a06:a005:d22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f7:cb:6d:63:06:04:ca:2c:89:d7:cc:66:3b:6c:83:32:0b:aa:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Validity
Not Before: Feb 5 07:39:24 2024 GMT
Not After : Feb 3 07:44:24 2025 GMT
Subject: CN=90DB60C3697661F94E2DA12ED71ACFF54207052A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ba:a6:67:a5:b5:77:5f:06:74:f4:b7:47:20:
2d:f1:e2:97:51:91:00:3e:55:4f:23:5b:4a:8a:cc:
b0:41:d7:e0:7f:f5:de:79:ec:15:8f:74:5b:4a:5d:
9f:2f:cb:03:d7:03:cc:c7:75:86:b3:dc:6f:96:63:
3a:7e:38:e8:23:45:75:ea:f9:f5:8a:31:ba:b3:23:
a8:03:54:32:35:de:9f:17:5d:43:09:a9:86:a1:da:
cd:b9:93:1b:74:e5:76:31:98:0f:e6:06:7f:a8:90:
63:53:3c:f7:84:a9:14:76:11:2e:cd:df:fb:12:80:
03:d7:a8:d2:6e:99:b2:57:79:c6:26:ed:e5:c5:f3:
4c:dd:7c:97:37:6c:04:f5:35:1e:03:6c:64:d8:af:
ba:ec:83:bc:d6:f1:c4:2b:ea:d1:1e:93:20:59:eb:
a2:fc:ff:48:32:ca:bb:85:d2:06:17:2a:6d:7f:62:
fb:46:d9:5d:61:6b:60:e3:d7:ae:63:02:f6:68:c0:
65:9f:8c:e0:94:f5:d9:51:be:11:6e:e4:e2:26:c2:
74:22:b5:49:fd:96:45:f5:bb:46:2a:23:e8:02:fb:
58:94:9b:ac:0e:46:8b:76:c0:6a:3f:60:c3:a7:ae:
77:86:19:75:ee:a5:fa:3f:99:5c:00:c5:ca:e6:5e:
9b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DB:60:C3:69:76:61:F9:4E:2D:A1:2E:D7:1A:CF:F5:42:07:05:2A
X509v3 Authority Key Identifier:
keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203888.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d22::/48
Signature Algorithm: sha256WithRSAEncryption
39:63:fa:e3:55:54:40:3c:bb:50:9c:c5:00:71:7a:27:ba:4b:
32:58:f8:ba:92:86:c6:0c:ce:a9:69:19:f2:e1:d6:d2:d7:8d:
a0:6b:5c:69:7c:d0:9b:8f:80:7f:f2:8d:5c:c8:f6:ed:e8:20:
64:8f:d5:52:ec:a0:73:cf:6e:9c:d5:05:13:4d:50:a7:0f:a7:
13:c8:20:24:24:c0:96:47:e1:cd:fb:9c:8d:bf:1e:f8:05:88:
bd:b1:e4:1a:1e:e0:95:16:35:7c:91:d5:2b:97:47:6a:09:7a:
38:a3:c1:20:58:89:0d:70:83:74:0e:69:d7:4b:30:2e:4c:c8:
1e:81:dc:0f:f9:55:0b:1c:7d:f0:9e:95:1a:c0:66:16:eb:f4:
3c:d0:21:2a:ee:93:aa:59:ff:df:7d:fd:d2:f6:f9:1e:a1:55:
3f:80:a7:b1:9c:25:cc:3b:72:ee:ca:87:4f:37:53:9a:19:0a:
bc:ce:ad:ae:a2:9c:85:5d:88:6a:a1:0c:93:ad:8e:fb:d6:bf:
89:54:ad:4b:a6:fa:1e:9c:66:fc:7f:3b:5a:e3:f6:36:f8:cd:
0b:8f:3a:98:45:14:1d:ec:cb:ff:3f:f3:c4:48:b6:22:07:5e:
f2:b5:8e:44:b7:17:83:a7:e0:9b:14:e4:da:6f:87:70:6d:38:
20:1b:ea:8c
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUQffLbWMGBMosidfMZjtsgzILquYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDUwNzM5MjRaFw0yNTAyMDMwNzQ0MjRaMDMxMTAvBgNV
BAMTKDkwREI2MEMzNjk3NjYxRjk0RTJEQTEyRUQ3MUFDRkY1NDIwNzA1MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBuqZnpbV3XwZ09LdHIC3x4pdR
kQA+VU8jW0qKzLBB1+B/9d557BWPdFtKXZ8vywPXA8zHdYaz3G+WYzp+OOgjRXXq
+fWKMbqzI6gDVDI13p8XXUMJqYah2s25kxt05XYxmA/mBn+okGNTPPeEqRR2ES7N
3/sSgAPXqNJumbJXecYm7eXF80zdfJc3bAT1NR4DbGTYr7rsg7zW8cQr6tEekyBZ
66L8/0gyyruF0gYXKm1/YvtG2V1ha2Dj165jAvZowGWfjOCU9dlRvhFu5OImwnQi
tUn9lkX1u0YqI+gC+1iUm6wORot2wGo/YMOnrneGGXXupfo/mVwAxcrmXpuDAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUkNtgw2l2YflOLaEu1xrP9UIHBSowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzODg4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0iMA0GCSqGSIb3DQEBCwUAA4IBAQA5Y/rj
VVRAPLtQnMUAcXonuksyWPi6kobGDM6paRny4dbS142ga1xpfNCbj4B/8o1cyPbt
6CBkj9VS7KBzz26c1QUTTVCnD6cTyCAkJMCWR+HN+5yNvx74BYi9seQaHuCVFjV8
kdUrl0dqCXo4o8EgWIkNcIN0DmnXSzAuTMgegdwP+VULHH3wnpUawGYW6/Q80CEq
7pOqWf/fff3S9vkeoVU/gKexnCXMO3LuyodPN1OaGQq8zq2uopyFXYhqoQyTrY77
1r+JVK1LpvoenGb8fzta4/Y2+M0LjzqYRRQd7Mv/P/PESLYiB17ytY5EtxeDp+Cb
FOTab4dwbTggG+qM
-----END CERTIFICATE-----
Generated at Sat May 4 12:12:18 2024 by rpki-client on console-ams.rpki-client.org